<?php

namespace App\Policies;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    /**
     * Create a new policy instance.
     * 权限策略
     *针对UsersController中的update()方法
     *
     */
    public function  update(User $currentUser,User $user)
    {
       //验证当前登陆用户是否是修改的用户本身
       return  $currentUser->id === $user->id;
    }
    
    public function destroy(User $currentUser,User $user)
    {
      //验证当前登陆用户是否是管理员且是其本身时看不到删除链接
      return  $currentUser->is_admin && $currentUser->id !== $user->id;
    }
}
